Uncategorized - Aqua Cloud Native Security, Container Security & Serverless Security Tue, 29 Oct 2024 07:50:00 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 White House Shifts Cybersecurity Strategy to Drive Resilience https://www.aquasec.com/blog/white-house-shifts-cybersecurity-strategy-to-drive-resilience/ Fri, 03 Mar 2023 17:00:41 +0000 https://www.aquasec.com/?p=14459 White House Shifts Cybersecurity Strategy to Drive ResilienceThis week, the White House released its updated National Cybersecurity Strategy detailing the comprehensive approach the U.S. Government’s Administration is taking to cybersecurity. The strategy contains a set of three pillars that outline collaboration between public and private sectors, dealing with systemic challenges within cybersecurity and realignment of incentives for the industry. Pillar Three specifically …]]> Achieve Software Supply Chain Compliance with US Executive Order 14028 https://www.aquasec.com/blog/achieve-software-supply-chain-compliance-with-us-executive-order-14028/ Tue, 06 Dec 2022 11:00:00 +0000 https://www.aquasec.com/?p=14537 Achieve Software Supply Chain Compliance with US Executive Order 14028Thanks to many factors like the rise of the cloud infrastructure, the abundance of prebuilt open-source code, and process improvements in DevOps, innovating with software is happening faster than ever. The software supply chain is the assembly line for these technological innovations and can be thought of as any combination of code, tools, and processes …]]> Securing Kubernetes Everywhere with EKS Anywhere (EKS-A) Bare Metal https://www.aquasec.com/blog/amazon-eks-anywhere/ Wed, 29 Jun 2022 12:45:00 +0000 https://www.aquasec.com/?p=14745 Securing Kubernetes Everywhere with EKS Anywhere (EKS-A) Bare MetalWith the release of Amazon EKS Anywhere (EKS-A) Bare Metal, Amazon Web Services has expanded the choices of infrastructure to deploy EKS Anywhere clusters using on-premise bare metal servers as a deployment target. In support of this, Aqua has worked to ensure that as customers adopt EKS Anywhere to automate Kubernetes cluster lifecycle management for …]]> Fortune 1000 CISOs: Active Protection is Key to Cloud Native Security https://www.aquasec.com/blog/ciso-survey-cloud-native-security/ Tue, 26 Apr 2022 09:00:00 +0000 https://www.aquasec.com/?p=14828 Fortune 1000 CISOs: Active Protection is Key to Cloud Native SecurityWhat is the CISO approach to securing cloud native applications? Our recent survey of CISOs at Fortune 1000 companies gives a view into their perspectives on the critical security capabilities that allow for speed and agility while reducing friction between teams and preserving business continuity. According to the research results, CISOs are concerned with stopping …]]> Securing at Cloud Native Pace with Aqua Terraform Provider https://www.aquasec.com/blog/cloud-native-security-aqua-terraform-provider/ Mon, 25 Apr 2022 09:30:00 +0000 https://www.aquasec.com/?p=14832 Securing at Cloud Native Pace with Aqua Terraform ProviderAt Aqua, we believe that cloud native is an opportunity to do security right. With the release of our Terraform Provider, we’ve added another tool to do security the cloud native way. With Aqua Terraform Provider, security teams can easily adopt DevOps processes and infrastructure as code (IaC) to consistently automate how they deploy and …]]> The Russia-Ukraine Cyber Attacks: A CISO’s Advice https://www.aquasec.com/blog/russia-ukraine-cyber-attacks/ Mon, 07 Mar 2022 15:54:32 +0000 https://www.aquasec.com/?p=14959 The Russia-Ukraine Cyber Attacks: A CISO’s AdviceThe devastating events in Ukraine have already affected millions of lives and organizations, with profound consequences extending far beyond the region. As the conflict continues to unfold, companies in the US and around the world are facing the growing risk of aggressive Russian cyberattacks. In the face of these threats, CISOs and CIOs must ramp …]]> Adopting Zero Trust in Kubernetes: The Fundamentals https://www.aquasec.com/blog/zero-trust-kubernetes/ Wed, 16 Feb 2022 12:55:59 +0000 https://www.aquasec.com/?p=14964 Adopting Zero Trust in Kubernetes: The FundamentalsIn late January, the White House published a memo that lays the groundwork for creating a zero-trust architecture for federal agencies. With renewed attention from the US government, zero-trust networking is an area that many organizations are focusing on to improve their security posture. With that focus, it makes sense to understand where these principles …]]> Identify Security Risks in AWS CloudFormation Templates with Trivy https://www.aquasec.com/blog/cloudformation-templates-scan-with-trivy/ Tue, 08 Feb 2022 12:02:35 +0000 https://www.aquasec.com/?p=14974 Identify Security Risks in AWS CloudFormation Templates with TrivyAqua Security’s open source project Trivy now includes scanning of AWS CloudFormation templates to help developers better identify and remediate security issues within infrastructure as code (IaC) templates. Building on the technology and rule sets behind our popular open source project tfsec, Trivy now allows developers to evaluate AWS CloudFormation code, either locally or within …]]> What You Need to Know About PCI DSS Compliance in Cloud Native https://www.aquasec.com/blog/pci-dss-compliance-in-cloud-native/ Wed, 24 Nov 2021 14:59:41 +0000 https://www.aquasec.com/?p=15056 What You Need to Know About PCI DSS Compliance in Cloud NativeThe Payment Card Industry Data Security Standard (PCI DSS) is a well-known compliance framework for any organization handling payment card data. However, translating the PCI DSS requirements into the world of containers and Kubernetes can be overwhelming. In this post, we break down how containerized applications impact PCI DSS compliance and how to meet its …]]> A Popular npm Library Compromised in a Supply Chain Attack: What to Do https://www.aquasec.com/blog/npm-library-supply-chain-attack/ Thu, 11 Nov 2021 11:30:00 +0000 https://www.aquasec.com/?p=15079 A Popular npm Library Compromised in a Supply Chain Attack: What to Dohttps://www.aquasec.com/cloud-native-academy/application-security/cyber-kill-chain/In late October, a supply chain attack affected a popular npm library, ua-parser-js, which put many companies at risk of compromise. In this blog, we will describe the attack and outline a few ways that organizations can mitigate similar threats. This is an example in a growing trend of cyberattacks that leverage the software supply …]]>